-
Notifications
You must be signed in to change notification settings - Fork 243
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Building/running a server on Linux #56
Comments
This is great. Can you modify the readme with these details? Thanks!
|
I'm trying to get it to run on Debian 7 atm. Waiting for #35 to get the mail issue done. Once everything is running I'll post a howto. |
okay on EC2/Amazon Linux AMI/ 2014.03.2... I had to update the Python from 2.6.something to 2.7.5 to get the browser-exts to work - that was a bit tricky. BUT then I had to install the pip and virtualenv for 2.7.5 and then the "mitro/emailer" ./build.sh script worked just now. Of course, glancing at the sources... it looks like there is a "localhost" and a port 8125 that needs to be open. I wonder if there are MANDRILL environment variables someplace or settings required to make it work. |
So we kind of got the mail stuff working now. I'm going to write everything down and add the changes to my fork so you can take a look at it. @vijayp I found traces of mandril, local smtp and aws ses for sending mail. Can you tell me which one you actually used? |
And once more - documentation is up at https://www.hashtagsecurity.com/mitro-login-manager-on-premise-2/ I'll try to publish our findings on the mailer as soon as I can get to it. Btw, should we keep this as an issue or document our findings in the wiki? |
So I am at this point at well. I get 404 from jetty when I try to hit the root url, and I get the
when I touch the BuildMetadata page |
also, when I try to run the emailer2 I get
hmmm. |
@kristofer The emailer appears to be terribly broken. I've gotten it up and running, but there are emails being placed in the email table it doesn't know how to handle. It's as if they didn't release the correct version of the emailer. |
I'm currently working on that - try this for now https://github.com/fredericmohr/mitro/tree/master/mitro-mail Once I'm happy with everything, I'll make a pull request to mitro. Edit: Mandrill and AWS SES not yet supported, but it should run with SMTP (at least it did on my debian box) - you can set your SMTP server settings in mitro/mitro.cfg :) |
I decided to just rewrite the emailer from (mostly) scratch. https://github.com/croemmich/mitro-emailer |
@croemmich Nice, I should have waited a few more hours with mine... yours is much better :) Can you make a pull request to mitro, so we can continue to use the official repository? BTW, you can get the mails by creating a mitro.co account and trigger the actions that send the mails. Then you can recreate the templates based on the mails. |
@fredericmohr Since this a rewrite, it would make more sense to keep it out of the mitro-co/mitro repo. Not to mention, storing everything in one repo is just annoying. It'd be nice to get it in to something like mitro-co/mitro-emailer however. |
Ha, I actually like having this in one repository. It means you only ever need to grab one chunk of code, instead of "please check out these six repositories". That said: If you would like, I'm totally happy to create a new repo, and add you as a collaborator? |
@evanj: I think I'd prefer a separate repo. I'll also help to separate issues. |
I would prefer having different repositories for server side and client, as I think it's unnecessary to checkout all the code if you only need the server stuff on your server and the client stuff on your dev or build machine. I'm not sure about splitting the mailer from the mitro-core part... as those are both needed to run mitro server. |
Typically if you are working on the extension, you want a local dev server to test your changes, but I don't want to have a religious debate about it. I just created https://github.com/mitro/emailer with croemmich as a collaborator. Should I add some other people to this? This reminds me: we should move our last private repo out of this account so I can convert it to an open source organization ... |
For future reference, the new mailer can be found here: https://github.com/mitro-co/emailer Great work! |
Hi Wilson, I've followed the above as best I can on a clean RedHat 6.5 server but the "ant test" never completes. It runs fine until "[junit] Testsuite: co.mitro.core.servlets.MitroServletTest" but that never finishes. I'm using nodesource.com as the repo for nodejs and I'm using ant 1.9.6 downloaded directly from Apache. I tried using "ant" from the RedHat repo but that pulls in older versions of java packages which then override the jdk rpm installed from Oracle. Do you have any idea what might be wrong or is there more information that you need which might help diagnose the problem? Thanks in advance... |
Hello rogerwlucas, I just ran 'ant test' here again (I seem to remember that it didn't complete when I wrote this up last year, but I am not totally sure). It has been running for 10 minutes without finishing (still a little activity with registering with 'top', but not much, so I just terminated it), so I will say that it doesn't appear to work for me either. That seems to be the only test that doesn't complete, because I get "SUCCESS" if I just remove that one test for the mitro-core and mitro-core-android tests. It looks like this might be a database problem? Rights issue when inserting? Not sure. Maybe someone else can chime in, because I am not really sure what the problem is. If it is critical that this test passes for you, then please reply back and I may be able to look into it some more. Thanks, P.S. Things seem to hang here (just so there is a more complete error message to search on for others):
|
Hi Wilsonk, On RedHat, I don't even get that far because the Chrome Extension crashes with an error on startup. I suspect that I've got something fundamental wrong with my config on both systems but either the build+test isn't generating a warning/error or I'm missing it. This was why I was questioning whether the tests ran on your install... if they did then that would give me a clue. If they didn't, but you could still connect the Chrome Extension to the server, sign in, manage passwords, etc then it's even more weird. I'll keep digging as I would really like to get Mitro working... Thanks again, |
Hi Wilsonk, After more playing with Chrome, "npm install ...", etc we also have the browser-ext cli tests passing too. The final problem is that we cannot sign up new users. We have installed the debug version of Mitro into Chrome and have seen a connection to the local ant server "GET /mitro-core/ServerRejects?deviceId=/BYMlIJkvuUwGhgN4vESf29B/To=" so it's obviously doing something as soon as the Mitro extension starts. But, when we go through the "Sign Up" process in the Mitro Chrome extension, we enter username + password then click "Sign Up". We get the spinner but it never completes. We don't see any more messages on the "ant server" console either so I suspect that the signup request is not happening for some reason. Any ideas? Thanks, Roger |
Hello Roger, Sorry but I haven't really worked on mitro in a while (and don't have a currently running system), so I can't remember if I ran into this problem before. I just remember that the emailer wasn't available when I set up mitro the first time, so I had massage things around that when signing up. I might look at setting up a new install here, at some point soon, so if you are still having problems then let me know and I might be able to look into this. Thanks, |
In case these are of use to anyone reading this thread, below are the commands that I used to install Mitro on a RedHat 6.6 server. They assume that the user is not root and that it can "sudo". Install Java 7 from OracleDownload JDK from Oracle - version 7u67 has been tested and works. The latest version 8u51 does not work so you will need to register to get access to the earlier v7 releases. You need the appropriate 32- or 64-bit RPM for your system... Once downloaded, install it... Log in as "root"
Install PosgreSQL v9.2 (not 8.x or any other version)
Install the latest version of Java Ant
Install node.js and npm
Install other tools that you will need to run the test suites
Install development tools used by some regression tests
Update "locate" database
Add "mitro" user and switch to this user
Get the latest Mitro code
This should pass, it takes ~25 seconds on Xeon E5-2643 @ 3.3 GHz
The early tests should pass but then fail to start Chrome because it is an SSH connection (assuming you are connecting over SSH). It may work if you are connected via a X terminal session.
Set your server FQDN and port in the client browser configuration fileEdit common/config/config.release.js Build release versions for Firefox and Chrome
Start the PostgreSQL server
Complete the PostgreSQL configurationOpen a new session as "mitro" user
Generate local static keys for Mitro instanceIf you don't do this, you will get new keys generated each time Mitro starts. This will reset all your client accounts.
Create the new server self-signed certificateYou will want to do this so that you don't get connection errors every time your clients connect. You can then load this certificate into your certificate store as as trusted certificate.
Set up the system to auto-run at boot
|
I have dockerized mitro mainly following this guidelines, so if somebody finds it useful you can found it at http://github.com/servomac/mitro Patches and issues are welcomed (be carefull about the self-signed certs, i'm waiting a little to add a simple call to a letencrypt client container or something); this is still a work in progress. |
@evanj @vijayp
Hello everyone. I have managed to build and run mitro-core on Scientific Linux 6.2 (yes that is old...but any newer release should work also), and access it from a separate machine on my internal network. This has some overlap with #53 but I thought I should file it separately. Here are my notes on the process:
For Scientific Linux (or CentOs or any Redhat Enterprise Linux derivative)
git clone https://github.com/mitro-co/mitro
sudo yum install nodejs.x86_64; yum install postgresql.x86_64; yum install postgresql-server; yum install postgresql-contrib
Install java sdk from website as described in mitro-core/README.md
use the jdk-7u67-linux-x64.rpm
sudo rpm -Uvh jdk-7u67-linux-x64.rpm
sudo yum install npm.noarch
Remember to
export NODE_PATH=/<path-to-mitro>/mitro/browser-ext/api/build/node/lib/node_modules
in your .bashrc or .profile
Run sysctl commands as per
mitro-core/README
, if you want to run multiple postgres instancesRun
build.sh
as permitro-core/README
and then the other commands to set up a postgresql db.And the run the server:
ant server
in the mitro-core directory. Things should be ready to go (you might also want an & here to run in the background)
If you have a problem with 'ant server' indicating 'invalid source release' then you need to install java-1.7.0-openjdk.x86_64 and java-1.7.0-openjdk-devel.x86_64 via yum because the rpm didn't install properly earlier
Test
Connect to: https://localhost:8443/mitro-core/api/BuildMetadata with a browser and you should see
Now build the extension and run tests:
cd browser-ext/api
./build.sh
cd js/cli
./runtests.sh FAST && echo "SUCCESS"
To test out the extension in a browser:
Build the 'safari/firefox/chrome'-debug extension in browser-ext/login with 'make safari-debug' (or firefox/chrome)
If you run into problems with 'nopt' not being found then you need to
npm install -g nopt
If that still doesn't work then you can run
npm install nopt
in the browser-ext/third_party/hogan.js/bin directory
Install the extension into the browser (I chose safari...for a chrome install, see the browser-ext/README)
NOTE: You won't get an email sent to your login email account because emailer2.py is still missing from ansible
NOTE: if you want to use a different machine on your network to test the extension, rather than the mitro server machine, then edit the browser-ext/login/common/config/cofig.debug.js file and change the two 'localhost' entries to an ip address like '192.168.1.66', or wherever the server is running
The text was updated successfully, but these errors were encountered: